flash player vulnerabilities and exploits

7.2
CVSSv2
CVE-2019-0841

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805,...

MicrosoftWindows 10Windows Server 2016Windows Server 2019
7.2
CVSSv2
CVE-2019-0863

An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'....

7.5
CVSSv2
CVE-2019-11707

A type confusion vulnerability has been found in Firefox 67.0.3 and Firefox ESR 60.7.1. The vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. It can allow remote code execution....

MozillaFirefoxFirefox EsrThunderbird
9.3
CVSSv2
CVE-2018-0798

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability"....

MicrosoftOfficeOffice Compatibility PackWord
10
CVSSv2
CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result...

NA
CVE-2019-5853

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption in regexp length check. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the...

NA
CVE-2019-5851

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-poison in offline audio context. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the...

NA
CVE-2019-5860

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in PDFium. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system....

NA
CVE-2019-5850

Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-5805 A use-after-free issue was discovered in the pdfium library. CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library. CVE-2019-5807 TimGMichaud discovered...

9.3
CVSSv2
CVE-2017-2963

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead...